Self-hosting quickstart guide (5 min)
NetBird is open-source and can be self-hosted on your servers.
It relies on components developed by NetBird Authors Management Service, Management UI Dashboard, Signal Service, a 3rd party open-source STUN/TURN service Coturn, and an identity provider (available options will be listed later in this guide).
If you would like to learn more about the architecture please refer to the Architecture section.
It might be a good idea to try NetBird before self-hosting on your servers. We run NetBird in the cloud, and it will take a few clicks to get started with our managed version. Check it out!
Quick self-hosting with Zitadel IdP
In this guide, we will guide you through deploying NetBird with Zitadel as the identity provider for user management using a single-line setup script and docker containers.
This is the quickest way to try self-hosted NetBird. It should take around 5 minutes to get started if you already have a public domain and a VM. Follow the Advanced guide with a custom identity provider for installations with different IDPs.
Requirements
Infrastructure requirements:
- A Linux VM with at least 1CPU and 2GB of memory.
- The VM should be publicly accessible on TCP ports 80, 443, 33073, 10000 and 33080; and UDP ports: 3478, 49152-65535.
- Public domain name pointing to the VM.
Software requirements:
- Docker installed on the VM with the docker compose plugin (Docker installation guide) or docker with docker-compose in version 2 or higher.
- jq installed. In most distributions
Usually available in the official repositories and can be installed with
sudo apt install jq
orsudo yum install jq
- curl installed.
Usually available in the official repositories and can be installed with
sudo apt install curl
orsudo yum install curl
Download and run the script
Download and run the installation script in a single line:
export NETBIRD_DOMAIN=netbird.example.com; curl -fsSL https://github.com/netbirdio/netbird/releases/latest/download/getting-started-with-zitadel.sh | bash
If you want to check the script before running it, you can download it and run it locally:
curl -sSLO https://github.com/netbirdio/netbird/releases/latest/download/getting-started-with-zitadel.sh
# check the script
cat getting-started-with-zitadel.sh
# run the script
export NETBIRD_DOMAIN=netbird.example.com
bash getting-started-with-zitadel.sh
Replace netbird.example.com
with your domain name.
Once the script execution is complete, you can access your netbird instance via the URL https://netbird.example.com
using the credentials displayed in your terminal.
Add users
If you want to add additional users, you can access Zitadel's management console via the URL https://netbird.example.com/ui/console
with the same credentials. Follow the Users guide
from Zitadel to add additional local users or integrate Zitadel with your existing identity provider by following the guide Configure identity providers.
Backup
To backup your NetBird installation, you need to copy the configuration files, the Management service databases, and Zitadel's database.
The configuration files are located in the folder where you ran the installation script. To backup, copy the files to a backup location:
mkdir backup
cp docker-compose.yml Caddyfile zitadel.env dashboard.env turnserver.conf management.json backup/
To save the Management service databases, you need to stop the Management service and copy the files from the store directory using a docker compose command as follows:
docker compose stop management
docker compose cp -a management:/var/lib/netbird/ backup/
docker compose start management
You can follow the Cockroach backup guide to backup Zitadel's database, which holds user information.
Upgrade
To upgrade NetBird to the latest version, you need to review the release notes for any breaking changes and follow the upgrade steps below:
- Run the backup steps described in the backup section.
- Pull the latest NetBird docker images:
docker compose pull management dashboard signal relay
- Restart the NetBird containers with the new images:
docker compose up -d --force-recreate management dashboard signal relay
Remove
To remove the NetBird installation and all related data from your server, run these commands from the folder where you installed NetBird:
# remove all NetBird-related containers and volumes (data)
docker compose down --volumes
# remove downloaded and generated config files
rm -f docker-compose.yml Caddyfile zitadel.env dashboard.env machinekey/zitadel-admin-sa.token turnserver.conf management.json
Troubleshoot
-
I'm trying to register a user but I didn't receive a verification code. What's the problem?
The NetBird quickstart script generates a user name and a password for the administrator. This should be enough to login and manage your network. If you want to register a new user and invite them via email, you need to configure a SMTP server in Zitadel. See this guide or details.
Get in touch
Feel free to ping us on Slack if you have any questions
- NetBird managed version: https://app.netbird.io
- Make sure to star us on GitHub
- Follow us on Twitter